WO2008016589A3 - Apparatus and methods for supporting 802.1x in daisy chained devices - Google Patents

Apparatus and methods for supporting 802.1x in daisy chained devices Download PDF

Info

Publication number
WO2008016589A3
WO2008016589A3 PCT/US2007/017081 US2007017081W WO2008016589A3 WO 2008016589 A3 WO2008016589 A3 WO 2008016589A3 US 2007017081 W US2007017081 W US 2007017081W WO 2008016589 A3 WO2008016589 A3 WO 2008016589A3
Authority
WO
WIPO (PCT)
Prior art keywords
access
domain
binding
packet
network
Prior art date
Application number
PCT/US2007/017081
Other languages
French (fr)
Other versions
WO2008016589A2 (en
Inventor
Susan M Sauter
Jason D Frazier
Cynthia D Melter
Gregory Alan Moore
Ian Foo
Original Assignee
Cisco Tech Inc
Susan M Sauter
Jason D Frazier
Cynthia D Melter
Gregory Alan Moore
Ian Foo
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Cisco Tech Inc, Susan M Sauter, Jason D Frazier, Cynthia D Melter, Gregory Alan Moore, Ian Foo filed Critical Cisco Tech Inc
Priority to EP07810935A priority Critical patent/EP2047638A4/en
Priority to CN2007800273153A priority patent/CN101554016B/en
Publication of WO2008016589A2 publication Critical patent/WO2008016589A2/en
Publication of WO2008016589A3 publication Critical patent/WO2008016589A3/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0272Virtual private networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources

Abstract

Disclosed are apparatus and methods for authenticating a device to access a network through an access control port. In one embodiment, one or more first authentication packets for authenticating a first device (104, 106) or user to access a first network domain via a particular access port (102) of a network device are received, for example, by an access control port. The particular access port is configured to control access for packets attempting to ingress into one or more network domains. When the first device or user is authorized to access the first domain, a first binding (110, 112) between the first device and the first domain is formed. The first binding specifies that the first device is allowed to access the first domain and the first binding is associated with the particular access port of the network device. When a packet is received that is attempting to ingress into the first domain and the ingressing packet matches the first binding, the ingressing packet is allowed to access the first domain (608). In contrast, when a packet is received that is attempting to ingress into the first domain and the ingressing packet does not match the first binding, the ingressing packet is blocked from accessing the first domain (612).
PCT/US2007/017081 2006-08-01 2007-07-30 Apparatus and methods for supporting 802.1x in daisy chained devices WO2008016589A2 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
EP07810935A EP2047638A4 (en) 2006-08-01 2007-07-30 Apparatus and methods for supporting 802.1x in daisy chained devices
CN2007800273153A CN101554016B (en) 2006-08-01 2007-07-30 Apparatus and methods for supporting 802.1X in daisy chained devices

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
US82101506P 2006-08-01 2006-08-01
US60/821,015 2006-08-01
US11/582,786 US7539189B2 (en) 2006-08-01 2006-10-17 Apparatus and methods for supporting 802.1X in daisy chained devices
US11/582,786 2006-10-17

Publications (2)

Publication Number Publication Date
WO2008016589A2 WO2008016589A2 (en) 2008-02-07
WO2008016589A3 true WO2008016589A3 (en) 2008-11-20

Family

ID=38997672

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2007/017081 WO2008016589A2 (en) 2006-08-01 2007-07-30 Apparatus and methods for supporting 802.1x in daisy chained devices

Country Status (4)

Country Link
US (1) US7539189B2 (en)
EP (1) EP2047638A4 (en)
CN (1) CN101554016B (en)
WO (1) WO2008016589A2 (en)

Families Citing this family (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6974788B2 (en) * 2004-03-12 2005-12-13 Chevron Oronite Company Llc. Zeolite Y alkylation catalysts
JP2009111859A (en) * 2007-10-31 2009-05-21 Toshiba Corp Apparatus, method and program, for registering user address information
US8990892B2 (en) 2011-07-06 2015-03-24 Cisco Technology, Inc. Adapting extensible authentication protocol for layer 3 mesh networks
CN103259944B (en) * 2013-05-10 2015-04-22 国家电网公司 Method for configuring IP soft switch system and different intranet switchboards
US9432260B2 (en) * 2014-03-28 2016-08-30 Brocade Communications Systems, Inc. Automated configuration for network devices
US9749353B1 (en) 2015-03-16 2017-08-29 Wells Fargo Bank, N.A. Predictive modeling for anti-malware solutions
US9794265B1 (en) * 2015-03-16 2017-10-17 Wells Fargo Bank, N.A. Authentication and authorization without the use of supplicants
US11658976B2 (en) * 2021-01-27 2023-05-23 Arista Networks, Inc. Captive portal redirection and network access restriction of device using a single access control list

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7058973B1 (en) * 2000-03-03 2006-06-06 Symantec Corporation Network address translation gateway for local area networks using local IP addresses and non-translatable port addresses
US20060251055A1 (en) * 2005-04-25 2006-11-09 Sylvain Monette Method for managing service bindings over an access domain and nodes therefor
US7150040B2 (en) * 1998-12-01 2006-12-12 Sun Microsystems, Inc. Authenticated firewall tunneling framework

Family Cites Families (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
ATE413747T1 (en) * 2002-02-08 2008-11-15 Ericsson Telefon Ab L M METHOD AND SYSTEM FOR INTERLATING SERVICE PROVIDERS WITH CUSTOMERS IN AN ACCESS NETWORK USING DYNAMICALLY ALLOCATED MAC ADDRESSES
JP3849929B2 (en) 2002-06-14 2006-11-22 Kddi株式会社 Wireless LAN system for virtual LAN
US7234163B1 (en) * 2002-09-16 2007-06-19 Cisco Technology, Inc. Method and apparatus for preventing spoofing of network addresses
US20040255154A1 (en) 2003-06-11 2004-12-16 Foundry Networks, Inc. Multiple tiered network security system, method and apparatus
US8165156B1 (en) * 2003-12-16 2012-04-24 Telefonaktiebolaget Lm Ericsson (Publ) Ethernet DSL access multiplexer and method providing dynamic service selection and end-user configuration
US20060015595A1 (en) * 2004-06-17 2006-01-19 International Business Machines Corporation Method and apparatus for obtaining addresses for multiple interfaces in a device
US7975058B2 (en) * 2006-01-31 2011-07-05 Cisco Technology, Inc. Systems and methods for remote access of network devices having private addresses
US7930734B2 (en) * 2006-04-28 2011-04-19 Cisco Technology, Inc. Method and system for creating and tracking network sessions

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7150040B2 (en) * 1998-12-01 2006-12-12 Sun Microsystems, Inc. Authenticated firewall tunneling framework
US7058973B1 (en) * 2000-03-03 2006-06-06 Symantec Corporation Network address translation gateway for local area networks using local IP addresses and non-translatable port addresses
US20060251055A1 (en) * 2005-04-25 2006-11-09 Sylvain Monette Method for managing service bindings over an access domain and nodes therefor

Also Published As

Publication number Publication date
US20080034407A1 (en) 2008-02-07
EP2047638A4 (en) 2012-03-21
WO2008016589A2 (en) 2008-02-07
EP2047638A2 (en) 2009-04-15
CN101554016B (en) 2012-07-11
US7539189B2 (en) 2009-05-26
CN101554016A (en) 2009-10-07

Similar Documents

Publication Publication Date Title
WO2008016589A3 (en) Apparatus and methods for supporting 802.1x in daisy chained devices
EP1691523B8 (en) System and method for user access control to content in a network
WO2008070330A3 (en) Apparatus and methods for authenticating voice and data devices on the same port
WO2007047440A3 (en) Method and apparatus for re-authentication of a computing device using cached state
WO2010048031A3 (en) Network location determination for direct access networks
EP2458778A3 (en) Technique for securely communicating programming content
WO2006041569A3 (en) Apparatus and method for authenticating access to a network resource using multiple shared devices
AU5401200A (en) Security architecture
WO2006081302A3 (en) Network appliance for securely quarantining a node on a network
WO2006101667A3 (en) Authenticating an endpoint using a stun server
WO2008042871A3 (en) Methods and apparatus for securely signing on to a website via a security website
WO2009148746A3 (en) Trusted device-specific authentication
WO2007130006A3 (en) System and method for remotely assigning and revoking access credentials using a near field communication equipped mobile phone
AU2003265034A1 (en) Security and privacy enhancements for security devices
WO2011043903A3 (en) Network access control
WO2008076163A3 (en) Techniques for managing security in next generation communication networks
WO2005065132A3 (en) System, method, and devices for authentication in a wireless local area network (wlan)
EP1847941A3 (en) Method and system afor resetting passwords
GB2464552B (en) Authentication system and method for authenticating a user terminal with an access node providing restricted access to a communication network
WO2006078729A3 (en) Network appliance for vulnerability assessment auditing over multiple networks
WO2008033554A3 (en) Dual-access security system for medical records
WO2007044613A3 (en) Apparatus system and method for real-time migration of data related to authentication
BR0309974A (en) Unrestricted Authentication of Wireless Public Local Area Network User
WO2007092080A3 (en) Authenticating mobile network provider equipment
WO2006022821A3 (en) Log-in security device

Legal Events

Date Code Title Description
WWE Wipo information: entry into national phase

Ref document number: 200780027315.3

Country of ref document: CN

121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 07810935

Country of ref document: EP

Kind code of ref document: A2

REEP Request for entry into the european phase

Ref document number: 2007810935

Country of ref document: EP

WWE Wipo information: entry into national phase

Ref document number: 2007810935

Country of ref document: EP

NENP Non-entry into the national phase

Ref country code: DE

NENP Non-entry into the national phase

Ref country code: RU